Posted: February 26th, 2022

CS656 LAB 1.1: Brute-force Attack using the OpenSSL Library 1/3

CS656 LAB 1.1: Brute-force Attack using the OpenSSL Library 1/3

CS 656 LAB 1.1 Brute-force Attack using the OpenSSL Library

Notes:

• This is an individual lab.

• The code and other answers you submit MUST be entirely your own work, and you are bound by the WSU Academic Integrity Policy (https://www.wichita.edu/ about/student_conduct/ai.php). You MAY consult with other students about the conceptualization of the tasks and the meaning of the questions, but you MUST NOT look at any part of someone else’s solution or collaborate with anyone. You may consult published references, provided that you appropriately cite them in your reports and programs, as you would do in an academic paper.

• Read the entire document carefully before you start working on the lab.

GOOD LUCK!

1 Overview

The learning objective of this lab is to get familiar with the concepts in the symmetric and learn how to program using the OpenSSL crypto library.

Lab Environment. This lab has been tested on Ubuntu 20.04. You will be given access to the remote Ubuntu environment with necessary packages installed. You may also run your own virtual machine by downloading it from the SEED labs website (see the details here: https://github.com/ seed-labs/seed-labs/blob/master/manuals/vm/seedvm-manual.md).

2 Submission

Submit a PDF document with your answers to the questions in this lab. Your report should have a subheading for each question, and your answers should be inside the corresponding subheading. If applicable, list the important code snippets followed by explanation. Simply attaching code without any explanation will not receive credits.

Note: Your report must contain your Name (Lastname, Firstname) and WSU ID. Use the following format for your report’s PDF filename: lab1 1 report YOUR WSU ID.pdf. For example, if your ID is C656S656, your report should be lab1 1 report c656s656.pdf. Use the following filename format for your program: lab1 1 YOUR WSU ID.. For example, if you use C and your WSU ID is C656S656, your source file would be lab1 1 c656s656.c. There is a 10% reduction of points if your report/submissions file do not follow the correct filename format and/or missing name/ID inside the document.

3 Lab Task: Brute-force Attack using the Crypto Library

In this lab, you are given a plaintext and a ciphertext, and your job is to find the key that is used for the encryption. You do know the following facts:

https://www.wichita.edu/about/student_conduct/ai.php
https://www.wichita.edu/about/student_conduct/ai.php
https://github.com/seed-labs/seed-labs/blob/master/manuals/vm/seedvm-manual.md
https://github.com/seed-labs/seed-labs/blob/master/manuals/vm/seedvm-manual.md
CS656 LAB 1.1: Brute-force Attack using the OpenSSL Library 2/3

• The aes-128-cbc cipher is used for the encryption.

• The key used to encrypt this plaintext is an English word shorter than 16 characters; the word can be found from a typical English dictionary. Since the word has less than 16 characters (i.e. 128 bits), pound signs (#: hexadecimal value is 0x23) are appended to the end of the word to form a key of 128 bits.

Your goal is to write a program to find out the encryption key. You are given the following files: plaintext.txt ciphertext.txt iv.txt wordlist.txt

Notes:

• In this task, you are supposed to write your own program to invoke the crypto library. No credit will be given if you simply use the openssl commands to do this task. Sample code can be found from the following URL:

https://www.openssl.org/docs/man1.1.1/man3/EVP_CipherInit.html

• When you compile your code using gcc, do not forget to include the -lcrypto flag, because your code needs the crypto library. See the following example for the code filename bfattack.c:

$ gcc -o bfattack bfattack.c -lcrypto

• You can use the starter C file from Lab 1 (i.e., task4 starter bfattack.c)

• You are allowed to use any programming language to complete this task.

Deliverable. In your report perform the following actions and answer the questions. Clearly mark question numbers.

1. Draw a flowchart of the solution. [20 Points]

2. Present an algorithmic workflow of your solution. The algorithm must be aligned with the flowchart you developed in Step 1. Include comments in your algorithm that clearly marks each of the steps. Note: directly borrowed pseudocode from the class lecture will note receive any points. [40 Points]

3. How many search operations you need in the worst-case to find the key? Justify your answer with the flowchart and algorithms you developed in the earlier steps. [20 Points]

4. Include (a) your code, (b) brief explanation of your implementation, and (c) the secret key that you found. [10 Points]

5. Show a screenshot of your terminal output showing the command to run the code as well as the key your found. [5 Points]

6. Submit the code file with correct filename format. To receive full credit, both your report and code file must be submitted. [5 Points]

CS656 LAB 1.1: Brute-force Attack using the OpenSSL Library 3/3

Copyright © 2022 Monowar Hasan. This document is adopted from Dr. Sergio Salinas Monroy and origninally based on the SEED Labs developed by Dr. Wenliang Du. The contents of this document are licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. A human-readable summary of (and not a substitute for) the license is the following: You are free to copy and redistribute the material in any medium or format. You must give appropriate credit. If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. You may not use the material for commercial purposes.

Overview
Submission
Lab Task: Brute-force Attack using the Crypto Library

Order | Check Discount

Tags: write my history essay for me, psychology assignment topics, online nursing papers, online nursing essay writing service, nursing assignment writers